Network Working Group R. Wright
Request for Comments: 1803 Lawrence Berkeley Laboratory
Category: Informational A. Getchell
Lawrence Livermore National Laboratory
T. Howes
University of Michigan
S. Sataluri
AT&T Bell Laboratories
P. Yee
NASA Ames Research Center
W. Yeong
Performance Systems International, Inc.
June 1995
Recommendations for an X.500 Production Directory Service
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Abstract
This document contains a set of basic recommendations for a country-
level X.500 DSA. These recommendations can only be considered a
starting point in the quest to create a global production quality
X.500 infrastructure. For there to be a true "production quality"
X.500 infrastructure more work must be done, including a transition
from the 1988 X.500 (plus some Internet extensions) to the 1993 X.500
standard (including the '93 replication and knowledge model). This
document does not discuss this transition.
1. Introduction
The ISO/CCITT X.500 Directory standard enables the creation of a
single world-wide Directory that contains information about various
types of information, including people. In the United States, in mid
1989 NYSERNet (the project was later taken over by Performance
Systems International - PSI) started a White-pages Pilot Project
(WPP). Several organizations in the US joined this project. The PSI
WPP provided the c=US root level master Directory System Agent (DSA)
where organizations that joined the pilot were connected. In
November 1990, the PARADISE project was started in Europe to provide
an international directory service across Europe with international
connectivity to the rest of the world. The PARADISE project also
operated the "root of the world" DSA that connected each of the
Wright, et al Informational [Page 1]RFC 1803 X.500 Production Directory Service June 1995
national pilots into a single world-wide Directory Information Tree
(DIT), enabling information about people all over the world to be
obtainable using an Internet DUA (Directory User Agent).
Much of the criticism of X.500 stems from the lack of a production
quality infrastructure. Although there are already well over 500
organizations and 1,000,000 entries in the the X.500 directory, some
portions of the directory are still considered a "pilot project".
Poor availability of portions of the directory and inconsistent
quality of information are two problems that have not been adequately
addressed in a number of the X.500 "pilot projects". One of the
reasons for this has been a lack of formal service objectives for
running an X.500 service, and recommendations for achieving them.
In X.500, the country-level DSAs form the access path for the rest of
the world to access directory entries associated with that country's
organizations. Thus, the availability and performance of the
country-level DSAs give an upper bound to the quality of service of
the whole country's part of the Directory.
2. Recommendations for the country-level Master DSA
We will split the recommendations into three categories: Operational
recommendations for the organization running the master DSA (service
provider), DSA recommendations and personnel recommendations.
2a. Operational recommendations for the country-level master and shadow
DSAs
In general, the country-level data should be available for querying
100% of the time. Availability for updating is also important, but
may be slightly reduced in practice, given X.500's single master
scheme.
* The master DSA should be available at least 95% of the time. This
means that the DSA must be monitored and supported over the weekend.
* The Master DSA and its shadows should be positioned to minimize the
possibility of single points of failure.
* The master and its shadow DSAs should be disbursed across the